Security
Headlines
HeadlinesLatestCVEs

Tag

#xss

GHSA-p4jj-gwpg-9jwh: ConcreteCMS Cross-site Scripting vulnerability

Multiple Cross Site Scripting (XSS) vulnerabilities in Concrete CMS v.9.2.1 allow a local attacker to execute arbitrary code via a crafted script to the Forms of the Data objects.

ghsa
Open in Source
#xss#vulnerability#git
GHSA-6xx7-r8x4-fpjp: ConcreteCMS Cross-site Scripting vulnerability

A Cross Site Scripting (XSS) vulnerability in Concrete CMS v.9.2.1 allows an attacker to execute arbitrary code via a crafted script to Plural Handle of the Data Objects from System & Settings.

GHSA-j6h5-ggv2-3rfv: ConcreteCMS Cross-site Scripting vulnerability

A Cross Site Scripting (XSS) vulnerability in Concrete CMS v.9.2.1 allows an attacker to execute arbitrary code via a crafted script to the SITE parameter from installation or in the Settings.

GHSA-6fm3-r6mf-j875: ConcreteCMS Cross-site Scripting vulnerability

A Cross Site Scripting (XSS) vulnerability in Concrete CMS v.9.2.1 allows an attacker to execute arbitrary code via a crafted script to the Tags from Settings - Tags.

SAP Application Server ABAP Open Redirection

SAP Application Server ABAP and ABAP Platform suffer from an open redirection vulnerability.

Red Hat Security Advisory 2023-5480-01

Red Hat Security Advisory 2023-5480-01 - Red Hat OpenShift Serverless release of OpenShift Serverless Logic. This release includes security fixes. Issues addressed include a bypass vulnerability.

CVE-2023-44761: GitHub - sromanhu/ConcreteCMS-Stored-XSS---Forms: Cross Site Scripting vulnerability in ConcreteCMS v.9.2.1 allows a local attacker to execute arbitrary code via a crafted script to the Form of the Da

Multiple Cross Site Scripting (XSS) vulnerabilities in Concrete CMS v.9.2.1 allow a local attacker to execute arbitrary code via a crafted script to the Forms of the Data objects.

CVE-2023-44765: GitHub - sromanhu/ConcreteCMS-Stored-XSS---Associations: Cross Site Scripting vulnerability in ConcreteCMS v.9.2.1 allows a local attacker to execute arbitrary code via a crafted script to the Plural

A Cross Site Scripting (XSS) vulnerability in Concrete CMS v.9.2.1 allows an attacker to execute arbitrary code via a crafted script to Plural Handle of the Data Objects from System & Settings.

CVE-2023-44764: GitHub - sromanhu/ConcreteCMS-Stored-XSS---Site_Installation: Cross Site Scripting vulnerability in ConcreteCMS v.9.2.1 allows a local attacker to execute arbitrary code via a crafted script to the SI

A Cross Site Scripting (XSS) vulnerability in Concrete CMS v.9.2.1 allows an attacker to execute arbitrary code via a crafted script to the SITE parameter from installation or in the Settings.